I'm reading TJ OConnor's Detecting and Responding to Data Link Layer Attacks and I'm wondering how well the Raspberry Pi work with detecting these layer 2 attacks using the Python example scripts in the paper. Does anyone have any experience with it?

Hardware constraints might be a limiting factor if you're going to monitor a large amount of traffic. You also only get one NIC by default, so you'll have to perform monitoring and management on the same port. It'll probably be fine for playing around with at home or in a small office though.